1. Field of the Invention
The present invention relates, in general, to a fast application recognition system and a fast application processing method and, more particularly, to a fast application recognition system and a fast application processing method that update a caching table with application analysis information in real time, recognize an application only through a search for the header information of a packet, and conduct a corresponding control policy.
2. Background of the Invention
Conventional network security equipment monitors and controls security risks using Internet Protocol (IP) and Transmission Control Protocol (TCP) headers. However, with the development of tunneling or proxy technology and the integration of applications into the web, it has become difficult to determine the security risk of an actual network using only the IP/TCP header information of a simple packet. In order to resolve this problem, next-generation security equipment is equipped with Deep Packet Inspection (DPI), which is a technology for recognizing not only IP/TCP header information but also an application present in a data header and performing control in accordance with a policy defined in the corresponding application, thereby enhancing the security of a network. Furthermore, DPI has been popularly used in the traffic management field, and has been chiefly used as a technology for generally improving network visibility. In particular, recently, DPI has gradually developed to a service/system/device control technology and a billing technology. However, DPI is disadvantageous in that it is not applied to network security equipment that should inspect all of a large number of packets in spite of the above-described various advantages because it requires many system resources for session/application-level analysis/control rather than packet-level detection/control.